Privacy Policy and commitment to Data Protection and EU-U.S. Data Privacy Framework principles

 

At SpiraLinks, we take the requirements of Data Privacy very seriously. This Privacy Policy is published to inform visitors to the spl.com, spiralinks.com, focalreview.net and focalreview.com websites of what data may be gathered on these websites, how it may be used and with whom it may be shared. If you have any questions regarding this Privacy Policy, please contact privacy@spiralinks.com.

The privacy policies described here apply to all visitors to www.spl.com, www.spiralinks.com, www.focalreview.net and www.focalreview.com (collectively referred to throughout this document, with their parent company SpiraLinks, as “SPL”).

Spiralinks complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF as set forth by the U.S. Department of Commerce. SpiraLinks has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit dataprivacyframework.gov.

SpiraLinks is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
 

1. Information Collected on our Websites

 

SPL collects and retains contact information for you as a visitor only if you voluntarily supply us with this information, which may include your e-mail address, street address, telephone number or other information to access protected information on our website or so we can follow up with you after your visit. If you have voluntarily provided this information, you consented to the collection and use of such personally identifiable information as described in this Privacy Policy.

SPL does not share, sell, rent, or trade personally identifiable information collected through these websites with third parties for any use other than that for which it was originally provided. If this practice should change in the future, we will update this policy to reflect that practice, provide individuals with the identity of those parties and the purpose for which they will be using the data as well as opt-out or opt-in (as applicable) choice prior to the release of said data.

SPL may disclose information in special cases when we have a good faith belief that such action is necessary to: (a) conform to legal requirements or comply with legal processes; (b) protect and defend our rights or property; (c) enforce the Website Conditions of Use; or (d) act to protect the interests of our users or others. Note that pursuant to the EU-U.S. DPF (Onward Principle Q12), we are obliged to notify you that we may be required to release EU and/or UK personal data in response to lawful requests by public authorities including to meet national security and law enforcement requirements. Our organization does not plan to transfer personal information to third parties. If in the future we do transfer personal information to a third party acting as an agent on our behalf, our organization shall remain liable under the DPF Principles if our agent processes such personal information in a manner inconsistent with the DPF Principles, unless our organization proves that it is not responsible for the event giving rise to the damage.

Please note that the information you provide to SPL may be processed or held on computer systems and files of SPL companies throughout the world, including the United States. This may include companies, offices or data centers outside the European Economic Area and the United Kingdom. All SPL companies maintain the same levels of data protection, confidentiality and security. In certain cases, your information may be passed to companies who process data on behalf of SPL. In such cases we ensure that appropriate confidentiality arrangements are in place.
 

2. Information Management

 

Servers hosting our websites automatically record certain information about you when you use the sites, including details of your domain name, IP address, operating system and browser. SPL may use this information to understand website usage and traffic.

SPL may use cookies or other similar text files or programs when you visit certain parts of the SPL websites. A cookie is a small file that is sent to your browser and helps SPL to understand your use of the SPL websites and enables you to access, navigate and use the services provided on the SPL websites. For information about blocking the use of cookies, please refer to the instructions/help screen on your Internet browser. Please note that if you block cookies you may not be able to access certain online services provided on the SPL websites.

This website contains links to other sites that are not owned or controlled by SPL. Please be aware that SPL is not responsible for the privacy practices of such other sites. The present Privacy Policy applies only to information collected by this website.
 

3. Security and Confidentiality

 

SPL employs industry standard security measures to ensure the security of all data. We subscribe to the principles and practices of EU-U.S. Data Privacy Framework requirements with respect to the acquisition, retention, use and management of all data originating in, used in or destined for the European Union and the United Kingdom.

We will take all reasonable steps to protect the confidentiality and security of your personal information. However, you accept the security risks inherent in providing information online over the Internet and will not hold SPL responsible for any breach of security unless this is due to our negligence.

You are also responsible for maintaining the security of any password, user ID, and any authentication needed to access any SPL website. SPL may suspend your use of a site, without notice, if any breach of security is detected or suspected. Access to and use of password protected and/or secure areas of any SPL website is restricted to authorized users only. Unauthorized access to such areas is prohibited and may lead to criminal prosecution.
 

4. Opt-Out or to Update Your Information

 

SpiraLinks acknowledges the individual’s right to access their personal data pursuant to the EU-U.S. Data Privacy Framework. Individuals can review their data by sending a request to privacy@spiralinks.com.

SpiraLinks will provide an individual with an opt-out or opt-in choice before we share their data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized.

If at any time after registering for information you change your mind, send us a request specifying your new choice. Please send your request to privacy@spiralinks.com or to:

SpiraLinks Corporation
Attention: Privacy Complaints
900 East Hamilton Avenue, Suite 100
Campbell, California 95008 USA

We will respond to your correction or update request within a reasonable timeframe.
 

5. Recourse Regarding EU & UK Data Transferred Into the US

 

In compliance with the EU-US Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-US DPF, SpiraLinks commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the DPF Principles. European Union and UK individuals with DPF inquiries or complaints should first contact:

SpiraLinks Corporation
Attention: Privacy Complaints
900 East Hamilton Avenue, Suite 100
Campbell, CA 95008 USA

+1.408.608.6900
e-mail: privacy@spiralinks.com

SpiraLinks has further committed to refer unresolved privacy complaints under the DPF Principles to an independent dispute resolution mechanism, Data Privacy Framework Services, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information and to file a complaint. This service is provided free of charge to you.

If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf?tabset-35584=2.
 

6. Changes to this Privacy Policy

 

We reserve the right to modify this Privacy Policy at any time, consistent with the requirements of the EU-U.S. Data Privacy Framework principles, so please review it frequently. If we make material changes to this policy, we will notify you here or by email.
 

7. Additional Information

 

Questions regarding this Policy, the practices of this website or the implementation of Data Protection or EU-U.S. Data Privacy Framework principles should be sent to SpiraLinks by emailing privacy@spiralinks.com or by regular mail addressed to:

SpiraLinks Corporation
Attention: Privacy Complaints
900 East Hamilton Avenue, Suite 100
Campbell, California 95008 USA

Effective: 25 January 2024